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TITLE OF THE INVENTION 

APPARATUS AND METHOD TO PREVENT A DEVICE DRIVER FROM LOADING ON 
A COUNTERFEIT HARDWARE ELEMENT 
BACKGROUND OF THE INVENTION 
5 1. Field of the Invention 

The present invention generally relates to a hardware authenticity verification 
system. More particularly, the present invention relates to a hardware authenticity 
verification system that (1) creates a digital signature of a hardware address of a 
y, hardware element, and (2) restricts the use of a manufacturer's device driver on a 
|o hardware element for which a user possesses a software program to compare the 

iLiJ: 

H digital signature to a known value, 
tfl 2. Discussion of the Related Art 

* s Generally, when a computer system is turned on, an operating system performs 

ifl several tasks to initialize the system. In some systems, such as packet switching 
A5 devices or routers, initialization may be achieved with a BIOS (basic input/output 

system), firmware, or micro-code. One of the tasks that the operating system, BIOS, 
firmware, or micro-code performs is loading device drivers, which are typically software 
programs for adapters. Typically, a device driver is programmed to check a memory 
element, such as an EEPROM, only for corruption. The device driver generally does 
20 not require verification of a hardware element's authenticity (e.g., comparing a hardware 
element's hardware address with an address that is stored in the EEPROM) in order to 
load the device driver on the hardware element. The absence of authenticity verification 
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provides an opportunity for a counterfeiter to successfully incorporate a non-authentic 
hardware element into the computer system or a network system without detection. 

A counterfeiter may buy parts to build a hardware element from a gray-market 
vendor and, in fact, build an exact copy of the authentic hardware element. The 
counterfeiter may copy the entire contents of an authentic EEPROM image, for 
example, of the hardware element. The counterfeiter may change the hardware 
address of the hardware element to make it unique, and burn the new EEPROM image 
onto the counterfeit hardware element. This technique may allow all of the original 
manufacturer's device drivers to load on the counterfeit hardware element. 

Believing that a counterfeit hardware element is authentic, a purchaser of the 
counterfeit hardware element may solicit the original manufacturer for support and/or 
demand replacement, thereby increasing the original manufacturer's support costs. The 
counterfeit hardware element is typically inferior in quality to an authentic hardware 
element, damaging the reputation of the original manufacturer. Because the original 
manufacturer's call center has no simple way of differentiating between an authentic 
hardware element and a counterfeit hardware element, the original manufacturer often 
replaces a defective hardware element at its expense, even if the defective hardware 
element is counterfeit. 

Thus, a system that verifies the authenticity of a hardware element is required. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 illustrates a hardware authenticity verification system according to an 
embodiment of the present invention; 
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Fig. 2 illustrates a network device according to an embodiment of the present 
invention; 

Fig. 3 illustrates a network system according to an embodiment of the present 
invention; and 

Fig. 4 illustrates a flow chart for a method of verifying the authenticity of a 
hardware element according to an embodiment of the present invention. 

DETAILED DESCRIPTION 

Reference in the specification to "one embodiment" or "an embodiment" of the 
present invention means that a particular feature, structure or characteristic described in 
connection with the embodiment is included in at least one embodiment of the present 
invention. Thus, the appearances of the phrase "in one embodiment" or "according to 
an embodiment" appearing in various places throughout the specification are not 
necessarily all referring to the same embodiment. 

Fig. 1 illustrates a hardware authenticity verification system according to an 
embodiment of the present invention. The hardware authenticity verification system 100 
includes a hardware element 110, a digital signature generator 120, a memory element 
130, and a software program 140. The hardware element 110 has a hardware address, 
which must be unique within a network system for proper operation of the network 
system. Examples of a hardware element 110 include a network adapter, a hard drive, 
and a display. The digital signature generator 120 creates a digital signature of the 
hardware address of the hardware element 110. The memory element 130 stores the 
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digital signature of the hardware element 110. The software program 140 compares the 
digital signature of the hardware element to a known value. 

According to an embodiment of the invention, the software program 140 is a 
device driver. The device driver itself may decrypt the digital signature of the hardware 
5 element 1 1 0 that is stored in the memory element 1 30. 

According to another embodiment, the hardware element 1 10 is a network 
adapter; however, the hardware element 110 may be any other suitable device. 
In another embodiment of the invention, the digital signature generator 120 
M= manipulates the hardware address of the hardware element 1 1 0 with a hash algorithm, 
ip In a preferred embodiment, the digital signature generator 120 encrypts the hardware 

m s 

^ address of the hardware element 1 10 with a private key. According to yet another 

m 

|J embodiment of the invention, the hardware authenticity verification system 100 is 
U included in a data processing device. 

W Fig. 2 illustrates a network device according to an embodiment of the present 

?5 invention. The network device 200 includes a user interface 210, a microprocessor 220, 
a power supply 230, and a hardware authenticity verification system 100. The user 
interface 210 receives information from a user. The microprocessor 220 processes the 
information that is received from the user. The power supply 230 supplies power to the 
network device. The hardware authenticity verification system 100 verifies authenticity 
20 of a hardware element 1 1 0 (see Fig. 1 ). 

Fig. 3 illustrates a network system according to an embodiment of the present 
invention. The network system 300 includes a first data processing device 310, a 
second data processing device 320, a communication device 330, and a hardware 
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authenticity verification system 340. The first data processing device 310 
communicates with the communication device 330. The communication device 330 
also communicates with the second data processing device 320. The hardware 
authenticity verification system 340 verifies the authenticity of a hardware element 110. 
5 Within element 350, a hardware authenticity verification system 340 may also be 
provided to verify the authenticity of a hardware element 1 1 0. The hardware 
authenticity verification system 340 may be included in the first data processing device 
310 and/or the second data processing device 320. 
u Fig. 4 illustrates a flow chart for a method of verifying the authenticity of a 

2p hardware element according to an embodiment of the present invention. Within the 
M method and referring to Fig. 1, a digital signature generator 120 creates 410 a digital 
in signature of a hardware address of the hardware element 1 1 0. The digital signature of 

hi 

f : the hardware address of the hardware element 1 1 0 is stored 420 in a memory element 

H 1 30. The hardware address of the hardware element 1 1 0 may also be stored 430 in the 

M memory element 1 30. The digital signature of the hardware element 1 1 0 that is stored 

■SSSfS 

H 

jfws 

in the memory element 1 30 is preferably decrypted 440. The hardware address of the 
hardware element 110 that is stored in memory may be manipulated 450 with a hash 
algorithm. The digital signature of the hardware element 1 10 is compared 460 to a 
known value. The known value is preferably the hardware address of the hardware 
20 element 1 10 that has been manipulated by the hash algorithm. If the compare is 
successful (i.e., if the digital signature of the hardware element 1 1 0 is same as the 
known value), then access is permitted 470 to the hardware element. If the compare is 
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not successful, then the manufacturer's software program 140 may refuse 480 to load 
on the hardware element 110 and/or issue a warning. 

In short, the hardware authenticity verification system 100 according to the 
present invention creates a digital signature of a hardware address of a hardware 
5 element 1 1 0, so that a manufacturer of a hardware element 1 1 0 may prevent the use of 
its software program 140 on a counterfeit hardware element. The digital signature is 
preferably produced by (1) manipulating the hardware address of the hardware element 
1 10 with the hash algorithm, and (2) encrypting the result of the hash algorithm 
manipulation with a private key. The digital signature is stored in the memory element 

Jjp 1 30, preferably along with the unaltered hardware address of the hardware element 

w 

J 1 1 0. The manufacturer's device driver preferably contains a public key to decrypt the 

IH digital signature. If the digital signature matches the hardware address of the hardware 

e element 110 after being manipulated by the hash algorithm, the user may be granted 

P read and write access to all memory locations within the memory element 130, including 

5 ■: 

55 a location in which the hardware address is stored. On the other hand, if the hardware 

p 

address of the hardware element 1 1 0 is not valid (i.e., if the decrypted digital signature 
does not match the hardware address of the hardware element 1 1 0 after being 
manipulated by the hash algorithm), the hardware element 1 1 0 will not properly 
function, because the manufacturer's software program 140 may be configured to not 
20 load on the hardware element 1 1 0 if the digital signature is not properly decrypted. 

While the description above refers to particular embodiments of the present 
invention, it will be understood that many modifications may be made without departing 
from the spirit thereof. The accompanying claims are intended to cover such 
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modifications as would fall within the true scope and spirit of the present invention. The 
presently disclosed embodiments are therefore to be considered in all respects as 
illustrative and not restrictive, the scope of the invention being indicated by the 
appended claims, rather than the foregoing description, and all changes that come 
within the meaning and range of equivalency of the claims are therefore intended to be 
embraced therein. 



